Add lw08 to the snapshot_shell role and give ftp-master some infra there

diff --git a/hieradata/common.yaml b/hieradata/common.yaml
index f49384f..4cba84e 100644 (file)
--- a/hieradata/common.yaml
+++ b/hieradata/common.yaml
@@ -376,5 +376,7 @@ roles:
   snapshot_web:
     - lw07.debian.org
     - sallinen.debian.org
+  snapshot_shell:
+    - lw08.debian.org
   anonscm:
     - cgi-grnet-01.debian.org

diff --git a/modules/roles/manifests/init.pp b/modules/roles/manifests/init.pp
index 3aaccfa..22f9af6 100644 (file)
--- a/modules/roles/manifests/init.pp
+++ b/modules/roles/manifests/init.pp
@@ -282,6 +282,10 @@ class roles {
                include roles::snapshot_web
        }
 
+       if has_role('snapshot_shell') {
+               include roles::snapshot_shell
+       }
+
        if has_role('veyepar.debian.org') {
                ssl::service { 'veyepar.debian.org': notify  => Exec['service apache2 reload'], key => true, }
        }

diff --git a/modules/roles/manifests/snapshot_shell.pp b/modules/roles/manifests/snapshot_shell.pp
new file mode 100644 (file)
index 0000000..23a3bcb
--- /dev/null
+++ b/modules/roles/manifests/snapshot_shell.pp
@@ -0,0 +1,24 @@
+class roles::snapshot_shell {
+       # give ftpmaster/the dak user some environment so they can poll the
+       # list of files we have
+       file { '/etc/ssh/userkeys/dak':
+               ensure => present,
+               owner => dak,
+               mode => '0644',
+       }
+       file { '/etc/ssh/userkeys/dak':
+               ensure => present,
+               owner => 'dak',
+               mode => '0644',
+       }
+       file { '/home/dak':
+               ensure => link,
+               target => '/srv/ftp-master.debian.org',
+       }
+       file { '/srv/ftp-master.debian.org':
+               ensure => directory,
+               owner => 'root',
+               group => 'debadmin',
+               mode => '02775',
+       }
+}